Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l_DVOUIWZeQzN_ud687FQm9N3XM.roa
File: l_DVOUIWZeQzN_ud687FQm9N3XM.roa (raw, json)
Hash identifier: w8Ed2YFV5Z6Tfw1wykkzmpAQiiRwBTRKZzDMXY+18/g=
Subject key identifier: 97:F0:D5:39:42:16:65:E4:33:37:FB:9D:EB:CE:C5:42:6F:4D:DD:73
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B561A309E9349E1C29B6EDF0282656
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l_DVOUIWZeQzN_ud687FQm9N3XM.roa
Signing time: Thu 02 Jan 2025 15:49:45 +0000
ROA not before: Thu 02 Jan 2025 15:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45027
IP address blocks: 2a12:5a00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:61:a3:09:e9:34:9e:1c:29:b6:ed:f0:28:26:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97f0d539421665e43337fb9debcec5426f4ddd73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7c:2e:13:67:f7:99:00:90:ca:af:78:8c:22:
5f:f8:62:c7:eb:35:3c:db:46:97:f5:da:ac:5c:e4:
6f:7a:c7:ad:d8:26:eb:60:7c:ec:6f:c7:04:4f:2b:
06:16:87:07:18:0b:6a:9e:7a:a3:ea:70:fd:0c:7f:
b9:28:9e:63:ab:03:a7:c1:5b:00:d1:d1:d3:30:f1:
bd:2b:6b:2c:7f:24:b3:89:59:9f:b2:71:0f:d3:e2:
b9:23:e9:50:72:75:93:d2:5f:0f:84:0c:eb:7e:43:
22:7d:e7:33:ae:6a:5a:69:0d:33:0a:64:3a:00:3c:
0f:a9:ad:6a:ff:41:c7:9c:e4:32:37:bc:38:6a:fc:
36:9d:04:db:42:a2:75:26:0f:2d:57:3a:2e:e2:f1:
9e:8a:e3:95:11:24:26:48:94:80:d8:62:60:61:6b:
e1:4c:8a:ec:79:0c:c0:db:16:e9:2c:75:36:80:6c:
cb:b4:84:9c:75:0b:5e:ac:8a:53:8c:c5:06:70:30:
06:84:5a:3f:bf:d7:ee:31:d4:f7:89:61:24:9c:95:
2c:d5:55:1c:4e:95:52:d8:3c:2e:f0:3d:74:a8:61:
c1:7e:1e:8d:94:92:0c:39:1a:a8:0e:db:5d:7e:2a:
76:4a:8b:12:9f:50:2b:7b:fb:cc:58:ec:16:1c:92:
01:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F0:D5:39:42:16:65:E4:33:37:FB:9D:EB:CE:C5:42:6F:4D:DD:73
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l_DVOUIWZeQzN_ud687FQm9N3XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:5a00::/29
Signature Algorithm: sha256WithRSAEncryption
37:28:c1:c5:a8:e0:91:a5:f3:13:0b:e9:27:1d:4f:cc:ba:d6:
3f:54:47:0b:3b:0a:d5:8d:da:70:4b:18:ec:e5:4b:87:46:ed:
83:46:11:8e:8a:32:cf:82:8b:bc:91:79:8f:f4:73:30:9e:a2:
e1:8d:b8:30:fa:eb:bf:60:78:62:37:15:31:49:18:c7:47:fc:
7c:b0:ac:c0:40:32:0f:19:3b:5a:9b:3c:54:b1:26:55:d7:c8:
94:08:9a:a6:9a:8a:9f:e9:b4:14:21:d4:0f:be:1a:a7:60:e0:
f4:fe:ec:33:bc:67:e8:23:c3:02:07:f2:fb:c9:fb:df:82:9c:
ef:57:fb:91:31:63:e2:b6:a4:0b:e4:b1:f2:7b:5e:1a:19:28:
92:2d:0e:cc:0c:0c:a2:08:2b:89:08:27:b6:73:b5:5e:57:25:
61:22:1c:32:fe:35:4f:69:4b:24:e7:37:86:40:e3:09:dc:7e:
6d:a1:f5:52:33:48:2e:f4:a2:3f:ed:0d:74:63:12:30:48:86:
ad:a2:09:2c:b3:cd:e5:c4:5d:4f:c1:70:1c:00:ff:c3:a2:02:
7d:7d:b5:bd:8e:99:aa:6d:98:64:89:c0:12:43:db:3c:75:34:
f8:fb:b3:9a:b1:ee:db:9b:5c:a8:0f:6b:c7:82:6d:bf:e0:eb:
4a:62:f6:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntWGjCek0nhwptu3wKCZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2YwZDUzOTQyMTY2NWU0MzMzN2ZiOWRlYmNlYzU0MjZmNGRkZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3wuE2f3mQCQyq94jCJf+GLH6zU8
20aX9dqsXORveset2CbrYHzsb8cETysGFocHGAtqnnqj6nD9DH+5KJ5jqwOnwVsA
0dHTMPG9K2ssfySziVmfsnEP0+K5I+lQcnWT0l8PhAzrfkMifeczrmpaaQ0zCmQ6
ADwPqa1q/0HHnOQyN7w4avw2nQTbQqJ1Jg8tVzou4vGeiuOVESQmSJSA2GJgYWvh
TIrseQzA2xbpLHU2gGzLtIScdQterIpTjMUGcDAGhFo/v9fuMdT3iWEknJUs1VUc
TpVS2Dwu8D10qGHBfh6NlJIMORqoDttdfip2SosSn1Are/vMWOwWHJIB4QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJfw1TlCFmXkMzf7nevOxUJvTd1zMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbF9EVk9VSVdaZVF6Tl91ZDY4N0ZRbTlOM1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJaADAN
BgkqhkiG9w0BAQsFAAOCAQEANyjBxajgkaXzEwvpJx1PzLrWP1RHCzsK1Y3acEsY
7OVLh0btg0YRjooyz4KLvJF5j/RzMJ6i4Y24MPrrv2B4YjcVMUkYx0f8fLCswEAy
Dxk7Wps8VLEmVdfIlAiappqKn+m0FCHUD74ap2Dg9P7sM7xn6CPDAgfy+8n734Kc
71f7kTFj4rakC+Sx8nteGhkoki0OzAwMoggriQgntnO1XlclYSIcMv41T2lLJOc3
hkDjCdx+baH1UjNILvSiP+0NdGMSMEiGraIJLLPN5cRdT8FwHAD/w6ICfX21vY6Z
qm2YZInAEkPbPHU0+PuzmrHu25tcqA9rx4Jtv+DrSmL25Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:09 2025 by rpki-client